From f8a94311521db9fe52c2dd430b6ce731c51ce5f1 Mon Sep 17 00:00:00 2001
From: Michal Kleiner <michal.kleiner@chrometoaster.com>
Date: Tue, 11 May 2021 00:07:12 +1200
Subject: [PATCH] NEW Add extension point to Director::is_site_url

---
 src/Control/Director.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/Control/Director.php b/src/Control/Director.php
index 4200aea7f..2afa4518e 100644
--- a/src/Control/Director.php
+++ b/src/Control/Director.php
@@ -854,6 +854,9 @@ class Director implements TemplateGlobalProvider
      * Useful to check before redirecting based on a URL from user submissions through $_GET or $_POST,
      * and avoid phishing attacks by redirecting to an attackers server.
      *
+     * Provides an extension point to allow extra checks on the URL to allow some external URLs,
+     * e.g. links on secondary domains that point to the same CMS, or subsite domains.
+     *
      * @param string $url
      *
      * @return bool
@@ -871,6 +874,13 @@ class Director implements TemplateGlobalProvider
             return true;
         }
 
+        // Allow extensions to weigh in
+        $isSiteUrl = false;
+        static::singleton()->extend('updateIsSiteUrl', $isSiteUrl, $url);
+        if ($isSiteUrl) {
+            return true;
+        }
+
         // Relative urls always are site urls
         return self::is_relative_url($url);
     }